February 5, 2023

The security flaw, discovered by a researcher, affects certain versions of BIG-IP Access Policy Manager (APM), a secure access solution that simplifies and centralizes access to applications, APIs and data.

The vulnerability is related to a component named Traffic Management Microkernel (TMM), which processes all load-balanced traffic on BIG-IP systems.

When a BIG-IP APM virtual server processes traffic of an undisclosed nature, the Traffic Management Microkernel (TMM) stops responding and restarts, the vendor explained in an advisory published last month. Traffic processing is disrupted while TMM restarts. If the affected BIG-IP system is configured as part of a device group, the system triggers a failover to the peer device.

Exploiting this vulnerability does not require any tools — the attacker simply has to send a specially crafted HTTP request to the server hosting the BIG-IP configuration utility, which results in access to the system being blocked till it’s restarted.

F5 said in its advisory that the vulnerability, tracked as CVE-2020-27716 with a severity rating of high, only impacts versions 14.x and 15.x. Updates that patch the flaw in both branches are available.

A critical BIG-IP vulnerability ended up being exploited in the wild last year, including by profit-driven cybercriminals and state-sponsored hackers.
